Monthly Archives: June, 2016

  1. Intel RIP ROP, Hardware-Enforced CFI, and the Future of Trusted Computing

    Recently, Intel made an exciting announcement regarding an anti-exploitation technology called Control-flow Enforcement Technology, or CET.  This builds on previous work on Control Flow Integrity (CFI) done by Microsoft researchers, as well as a paper by IAD researchers proposing hardware-enforced CFI. While the IAD paper showed a modified Qemu and Linux kernel providing a proof-of-concept, Read More…

  2. The Mostly Forgotten USB Drive PP

    The oldest Protection Profile (PP) currently on NIAP’s approved PP list is also one that has not gotten much attention. The Protection Profile for USB Flash Drives was approved in December of 2011 but in the nearly half-decade since its approval no successful evaluations have been performed against it. It is interesting to take a Read More…